1. Which type
type of Dashboard
Dashboard Widget
Widget can be congur
congured
ed to change
change color,
color, as its tracked
tracked data reaches
reaches
specic condions or threshold levels?

Bar Chart Table Count Pie Chart

2. Which of the
the following
following frequencie
frequencies,
s, can be used
used to schedule
schedule a Patch
Patch Deploymen
Deploymentt Job? Select
Select all
that apply.

Weekly Quarterly Annually Daily

3. Which Qualys
Qualys applica
applicaon
on module
module is NOT
NOT include
include in the Default
Default VMDR Ac
Acva
vaon
on Key?

Patch Management PCI Compliance

Cybersecurity Asset Management Vulnerability Management

4. Which Qualys
Qualys applica
applicaon,
on, provides
provides the
the Real-Time
Real-Time Threat
Threat Indicator
Indicatorss (RTIs) used
used in the VM
VMDR
DR
Priorizaon Report?

Patch Management Asset Inventory

Threat Protecon Vulnerability Management

5. The Qualys
Qualys CSAM applic
applicaon
aon disngui
disnguishes
shes your
your asset invent
inventory
ory using
using which of
of the following
following
categories? Select all that apply.

Soware Hardware

Firmware Operang System

6. Which “Acve
“Acve Threat”
Threat” category
category iinclude
ncludess aacks
aacks that require
require lile
lile skill and
and do not req
require
uire
addional informaon?

Predicted High Risk Easy Exploit

Public Exploit Zero Day

7. Presently,
Presently, you can
can add up
up to _____
_____ patche
patchess to a single job.

2000 1250
1750 1500

8. Which Qualys
Qualys technolo
technology
gy provides
provides a patch
patch download
download cache,
cache, to achieve
achieve a more
more ecient
ecient
distribuon of downloaded patches, to local agent host assets?

Qualys Passive Sensor Qualys Scanner Appliance

Qualys Gateway Server Qualys Connector

9. Using the
the “Search”
“Search” eld (found
(found in the VULNER
VULNERABILIT
ABILITIES
IES sec
secon
on of VMDR), which
which query
query will
produce a list of “patchable” vulnerabilies?

vulnerabilies.vulnerability.qualysPatchable:TRUE

vulnerabilies.vulnerability.isPatchable:TRUE
 

vulnerabilies.vulnerability.qualysPatchable:FALSE

vulnerabilies.vulnerability.isPatchable:FALSE

10. Which of the following queries will dis

display
play assets with
with a Relaonal Database
Database Management
System?

soware:(category1:Databases / RDBMS) soware:(Databases / RDBMS), soware:

(category2:Databases / RDBMS) soware:(category:Databases / RDBMS)

11. By default, which of

of the following factors are used by the VMDR Priorizaon
Priorizaon Report, to
priorize vulnerabilies? Select all that apply.

Vulnerability age Real me Threat Indicators

Compliance Posture Aack Surface

12. Which “Acve Threat” category includes vulnerabilies th

that
at are acvely aacked and have
have no
patch available?

Easy Exploit Malware

Exploit Kit Zero Day

13. Which of the following convenons can be

be used to include or ass
assign
ign host assets to a job?
job? Select
all that apply.

Business Unit Asset Name

Asset Tag Asset Group

14. Qualys categorizes your

your soware inventory
inventory by which of
of the following license types? Select all
that apply.

Premier Trial

Commercial Open Source

15. You are in the process of

of inducng new employees
employees on the Global AssetView
AssetView applicaon. In your
presentaon you have to add the features of this applicaon. Which features from the below

menoned list will you include? Select all that apply.

Categorized and normalized hardware and soware informaon

Ability to dene and track unauthorized soware

Asset Cricality Score

Discovery and inventory of all IT assets

16. You have been asked

asked to create a “Zero-Touch”
“Zero-Touch” patch deployment job. You
You have already
scheduled this job to run once a week. What addional requirement must be met?

Select patches using Asset Tags Defer patch selecon to a later me

Automate patch selecon using QQL Select patches manually

 

17. Once you establish your priority opon you can generate
generate your Priorizaon
Priorizaon Report. By default
this report will produce a list of _________ that match your priority opons.

Patches Threat Feeds

Vulnerabilies Assets

18. Once you establish your priority opon you can generate
generate your Priorizaon
Priorizaon Report. By default
this report will produce a list of _________ that match your priority opons.

Create Dashboard widgets for all the contents of the report

Export the report to dashboard and create a dynamic widget

Schedule a report to run on a regular basis

Run a report every me it is needed

19. Aer Qualys Cloud Agent has been

been successfully installed on a target host, which of the followi
following
ng
“Patch Management” setup steps must be completed, before host patch assessments can begin?
Select all that apply.

Assign host to CA Conguraon Prole (with PM enabled)

Acvate PM module on host

Assign host to a PM Job

Assign host to an enabled PM Assessment Prole

20. You have to priorize the vulnerabilies by age b

before
efore you go ahead and generate
generate a
Priorizaon Report. When you are priorizing vulnerabilies by age, you have the opons of:
Select all that apply.

Vulnerability Age Detecon Age

Priority Age Installaon Age

21. In CSAM, the term “unidene

“unidened”
d” means: Select all that apply.

There isn’t enough informaon gathered to determine the OS/hardware/soware

Qualys couldn’t fully ngerprint the OS

There is enough informaon, but the data isn’t catalogued in CSAM yet

Qualys could fully ngerprint the OS but it’s not in your subscripon

22. You were unable to search

search some of your Operang
Operang Systems using a lifecycle query.
query. Later, you
found out the reason. The lifecycle stage of the operang system you were searching was:

End of life End of support Obsolete General Availability

23. Which of the following condions must be met, in order for Qualys Patch Management to
successfully patch a discovered vulnerability? Select all that apply.

The vulnerability should be less than 30 days The vulnerability must be conrmed, The
vulnerability’s host must be running Qualys Cloud Agent The vulnerability must be patchable
 

24. You have to run a patch job

job on a regular basis. Which of the following
following will you follow in order to
make your work ecient? Select all that apply.

Use Asset Tags as targets for patch deployment jobs

Use the dashboard to monitor

Schedule patch job on a monthly basis

Once test deployments are veried

Clone the deployment job and include producon asset tags

25. The Threat Feed leverages

leverages data from mulple sources.
sources. Which of the following sources are used?
Select all that apply.

Other Sources Exploit Sources Malware Sources Qualys Threat and Malware Research Team

26. You have deployed several

several thousand Qualys C
Cloud
loud Agents, and now you would
would like to conserve
network bandwidth by allowing your agents to store and share their downloaded patches (from
a central locaon). Which Qualys technology is the best t to solve this challenge?

Qualys Passive Sensor Qualys Gateway Server Qualys Cloud Connector Qualys Scanner Appliance

27. You have to analyse the

the threat intelligence informaon
informaon provided by Qualys Thre
Threat
at and Malware
Labs. Where will you nd this informaon?

VMDR > Vulnerabilies tab > Asset VMDR > Dashboard tab

VMDR > Priorizaon tab > Threat Feed VMDR > Priorizaon tab > Reports

28. Your colleague has just completed

completed the following steps to setup
setup your Qualys account for patching:
1. Installed Qualys Cloud Agent on target hosts. 2. Assigned all Agent hosts to a Conguraon
Prole with PM conguraon enabled. 3. Acvated the PM applicaon module for all Agent
hosts. 4. Assigned all hosts to an enabled Assessment Prole. Although Deployment Jobs have
been created and enabled, patches are not geng installed. What step did your colleague miss?

Targeted assets must be congured to consume a patching license

Targeted assets must be labelled with the ""Patchable"" Asset Tag

Targeted assets must be added to the ""Patch Management"" Asset Group

Targeted assets must be added to the Patch Catalogue

29. A pre-deployment message

message appears at the start
start of a patch job. You have tto
o create a deployment
 job for a Windows user wherein
wherein he will receive a no
nocaon
caon message to the user indicang that
a reboot is required. What communicaon opon will you select?

Reboot message Reboot Countdown Supress Reboot Reboot Request

30. Your IT team has congured

congured a patch window to run a deployment
deployment job within 5 hours. Due to
some reason you were not able to start the patch installaon within that window. What status
will they host display?

Not aempted Timed out Retry Failed